Making such a large change wasn’t an easy decision. It means rewriting thousands of lines of code and requires a lot of careful design. We might be the largest standalone application to make this transition (feel free to correct me below). However, I think it’s well worth it and that it’s important to the long-term direction of the project. Ultimately it came down to one thing:

Wireshark’s job is to show you what’s happening on your network. If it can’t run on your system then it’s not doing that job.

The team also found it was easier to keep log data rather than delete old code – usually there would be a need for it later on for whatever reason. “Delete nothing unless necessary,” said Eranki. A major conclusion of those early days: Be sceptical about adopting new technology.